You're listening to the Cyberwire Network, powered by N2K.

And now a word from our sponsor, Threat Locker.

Keeping your system secure shouldn't mean constantly reacting to threats. Threat Locker

helps you take a different approach by giving you full control over what software can run in your

environment. If it's not approved, it doesn't run. Simple as that. It's a way to stop ransomware

and other attacks before they start without adding extra complexity to your day. See how Threatlocker

can help you lock down your environment at www.threatlocker.com. Hello everyone and welcome to the CyberWires Research Saturday.

I'm Dave Bittner, and this is our weekly conversation with researchers and analysts

tracking down the threats and vulnerabilities, solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.

Thanks for joining us.

Pillar Security, we spent the last year and a half, spent a lot of time with the emerging attack vectors that put

AI-powered applications at risk.

So first of all, we got to learn and get our hands around a new attack vectors such as prompt

injection, indirect injections and all sorts of evasion techniques that turn this attacks to be basically invisible to the human eye and most of the security tools out there.

That's Ziv Karliner, Pillar Securities co-founder and CTO. The research we're discussing today is titled,

New Vulnerability in GitHub Copilot and Cursor,

how hackers can weaponize code agents.

So take that together with the fact that we ourselves are utilizing these amazing coding co-pilots that on their own are utilizing LLM and its base,

got us thinking about how the combination of the new attack vectors and the actual I would say some of the most popular use cases for the

AI powered applications which are coding assistance how this really combines together and

sparked our imagination about what can potentially go wrong.

Well, at the root of this is what you all refer to as the rules file back door. Can you describe that for us?

...